Currently Being ModeratedNov 14, 2012 4:19 AM (in response to bsungur)
I'm not entirely certain I understand the question you're asking here. A few more words around the current problem and any errors or diagnostics or symptoms you might be seeing — and some background on your configuration and goals — might help me with that understanding.
Open Directory works just fine without replicas around, if that's your question.
If your replica server is still around and you "just" want rid of it, then demote it using Server Admin too, and it'll "cleanly" exit the configuration.
Getting rid of a tangled or missing replica server can involve a few extra non-GUI steps, if the replica server is somehow no longer around to exit "cleanly" the configuration, if that's your question. (There's a Krypted post on this topic, for instance.)
Currently Being ModeratedNov 14, 2012 6:21 AM (in response to bsungur)
I think that you will want to....
- ensure you have proper (and occasionally tested) backups of your Open Directory data, as OD does occasionally get corrupted, disks do fail, server security does get breached, and accidents do happen.
- establish an OD replica if/when your local operations become or are large enough to require that your authentication needs better uptime, or if you're starting to distribute your authentication data across multiple (remote) sites.
- consider an upgrade to newer versions of OS X Server, as OS X Server 10.6 has largely fallen off Apple support.
Is running one Open Directory server and no replicas particularly problematic? Not really. I know a number of sites that have services (DNS, OD, mail, whatever) that are effectively single points of failure. But that's as much a business decision as a technical one, and business decisions are almost always local decisions.
Currently Being ModeratedNov 20, 2012 12:59 PM (in response to bsungur)
If there are no LDAP replicas, then it would be somewhat unusual for the replication mechanisms to be active.
I'm not sure whether there is a larger question here that you're not directly asking, or whether you're trying to learn how LDAP and related pieces fit together or — and this is usually the most hazardous to your sanity — whether you're poking around with hidden viewing enabled — that bullseye icon — and looking in log files for scary-looking things.
If it's the latter, you'll definitely find scary messages, weird messages, odd errors, and related. And typically, there are no problems, either. Turn off the hidden views and related, and let OS X Server do its work.
If you're trying to learn LDAP, there are some pretty good books on that topic, including one or two from O'Reilly. The OS X Server manuals for 10.6 have some decent details, too.
If it's the former — if you have a particular and overarching question here — well, ask away.